[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [libvirt] Fine grained Access Control in libVirt

From: "Richard W.M. Jones" <rjones redhat com>
To: Konrad Eriksson1 <KON zurich ibm com>
Cc: libvir-list redhat com
Subject: Re: [libvirt] Fine grained Access Control in libVirt
Date: Thu, 15 Jan 2009 13:42:41 +0000

On Thu, Jan 15, 2009 at 02:39:20PM +0100, Konrad Eriksson1 wrote:
> When looking at the libvirt core and driver framework it seems promising 
> to inject these kind of call-out hooks either in libvirt.c or between 
> libvirt.c and the underlying drivers, by doing this AC will be enforced 
> independent of if a local or remote call is done to libVirt.

In libvirt.c is probably easier ...  And abstract out the read-only
checks at the same time.

> Feel free to comment and to come with improvement ideas.

All sounds good.  There's a wiki page waiting to be filled in with
the details here:

  http://wiki.libvirt.org/page/TodoFineGrainedSecurity

Rich.

-- 
Richard Jones, Emerging Technologies, Red Hat  http://et.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v

References:
- [libvirt] Fine grained Access Control in libVirt
  - From: Konrad Eriksson1

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]